Use Two-Factor Authentication

Two-factor authentication, or 2FA, is a way to keep your online accounts secure. You have to confirm your identity using two different tools. An example of 2FA is withdrawing money from an ATM. You need to have both your bank card and a PIN number. This makes it harder for other people to take money out of your account.

Apps To Use

When you enable 2FA for an online account (and not all accounts support 2FA), the website generates a QR code. You can use any authenticator app to scan the QR code. Once scanned, the app generates a code every 20 seconds or so. Every time you log in, you’ll have to enter your credentials, then enter the code from your app. Now, even if hackers steal your account, they can’t log in without your phone.

Lock Down Your Phone

The majority of smartphones – at least among flagships – have fingerprint readers. Fingerprint readers enhance the security of your phone, but also poses a problem. In 2014 a Virginia judge ruled that law enforcement can compel people to unlock their phone with a fingerprint, but not with a passcode.

Since you keep your passcode stored in your memory, you could reasonably use the Fifth Amendment as a way to avoid incriminating yourself. But biometric data like a fingerprint isn’t covered under the Fifth Amendment. Police can lawfully collect your DNA in an investigation, so the reasoning is that a fingerprint isn’t that different.

Image credit: Apple

With iOS 9, Apple gave iPhone users the ability to create longer passcodes. Instead of using a four-digit code, users can now create a six-digit code, and even a longer alphanumeric passcode. Alphanumeric means that you can use both letter and numbers.

Create Strong Passwords

Creating strong passwords for all of your devices and accounts is of the utmost importance. I mentioned 1Password above. You can use it to set up and store passwords, as well as codes for two-factor authentication. At the same time, there is also disagreement among security experts as to what a strong password should be.

Some experts say your password should be a combination of letters, numbers and special characters. An example of this type looks like this: EsWg79B77fNepnj}2YPz&R&9.

An infamous comic from XKCD suggests combining a string of standard, easy to remember phrases, such as correct-horse-battery-staple.

Although not impossible to remember, it’s probably better to use random letters and characters to create passwords, and that’s where a password manager comes in.

Apps To Use

Messaging

For ultra-secure messaging and calling, there is only one solution: Signal. Signal uses end-to-end encryption, which means that it encrypts each message on both ends – your phone and the server. It’s also open-source, which means that anyone can look at the source code to see how the app works. This way, people can make sure that the app doesn’t have any secret backdoors or other malicious code.

Although Signal does create some metadata around each message, like timestamp, subject line, location, etc., it deletes almost all of it. Earlier this year, the FBI demanded that the Signal developers hand over the metadata of particular users. The only thing they were able to provide was the date and time that the people made the accounts, and the last time the accounts connected to the servers.

Using A VPN

Seriously, use a VPN. When using this technology, you log into the network of whichever VPN provider you’ve chosen. You then use the internet as you normally do, but to the rest of the Internet, it looks like you’re accessing it directly from their network. For example, if you live in England and use a VPN in the United States, then suddenly websites you visit will think you’re living in the US.

VPN

This is because your device assumes the IP address of the VPN server, instead of using its own. Just make sure that you trust the VPN provider, and that it has a good privacy policy.